SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for drupal9-nginx-9.3.22-1.11.noarch.rpm :

* Mon Dec 05 2022 Carsten Ziepke - Update to 9.3.22 This is a security release of the Drupal 9 series.
* Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2022-016 CVE-2022-39261- Changes in 9.3.21 This is a security release of the Drupal 9 series.
* CVE-2022-31175: Cross-site scripting (XSS) caused by the editor instance destroying process- Changes in 9.3.20 This is a security release of the Drupal 9 series.
* CVE-2022-31109: Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack- Changes in 9.3.19 This is a security release of the Drupal 9 series.
* Drupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012
* Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
* Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014
* Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2022-015- Changes in 9.3.18
* Issue #3294205: Composer v2.2 prompts to authorize another plugin when stability=dev
* Issue #3255749: Composer v2.2 prompts to authorize plugins- Changes in 9.3.17 This is a security release of the Drupal 9 series.
* CVE-2022-31090: CURLOPT_HTTPAUTH option not cleared on change of origin
* Change in port should be considered a change in origin
* Issue #3291780: guzzlehttp/guzzle 6.5.8 requires guzzlehttp/psr7 ^1.9
* Issue #3285193:Temporarily skip random test failures that hide real test failures, part 4
* Merge 9.3.16, resolve merge conflicts, and update lockfile and dev versions.
* Issue #3247683: Disable CKEditor 5\'s automatic link decorators (in Drupal filters should be used instead)
* Issue #3273983: Do not assume that plugin supporting also supports in SourceEditingRedundantTags and upgrade path
* Issue #3283795: ComposerHooksTest is broken on latest DrupalCI PHP container- Changes in 9.3.16 This is a security release of the Drupal 9 series.
* Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-011- Run spec-cleaner- Fix self-obsoletion rpmlint warning
* Tue Jun 07 2022 Joop Boonen - Update to 9.3.15 Issue #3274648 by nod_, Wim Leers: HTMLRestrictions::merge() and ::toGeneralHtmlSupportConfig() fail on allowed attribute values that can be interpreted as integers Issue #3276217 by lauriii, Wim Leers: [drupalMedia] add tests to confirm GHS attributes are retained in linked media Issue #3280985 by mherchel, andy-blum: Olivero\'s code block styling is slightly broken at various viewport widths Issue #3274651 by Wim Leers, nod_, alexpott: Impossible to enable
    or
      with GHS: switch to List\'s successor, DocumentList Issue #3277438 by Wim Leers, bnjmnm, lauriii, xjm, nod_, Reinmar: Update to CKEditor 5 v34.1.0 SA-CORE-2022-010 by mayela, mxr576, xjm, cilefen, greggles, benjifisher, alexpott Issue #2513524 by andregp, JeroenT, Bill Choy, TR, tstoeckler, dawehner, Wim Leers, xjm: ExtensionDiscovery is unable to find modules that have a comment at the end of the type property in a .info.yml file Issue #3275237 by hooroomoo, lauriii, Wim Leers, nod_: Don\'t convert, instead use response.entity_type in DrupalImageUploadEditing Issue #3058409 by guilhermevp, joachim, ravi.shankar, quietone, init90, andregp: TermStorage::loadTree() doesn\'t document what the return array is keyed by Issue #3232714 by paulocs, vsujeetkumar, mondrake, longwave, quietone, larowlan: Replace, in tests, mocks that do not configure doubles with their actual objects Issue #3268746 by quietone, xjm: Fix missing newlines for \'Drupal.Commenting.DocComment.ShortSingleLine\' Issue #3280602 by larowlan, DanielVeza, Wim Leers, mstrelan: Exceptions for CKEditor 5 plugin definitions containing wildcard tags when PHP is built with libxml 2.9.14 Issue #3259593 by hooroomoo, Dom., Wim Leers, bnjmnm, lauriii: Alignment being available as separate buttons AND in dropdown is confusing Issue #3250582 by huzooka, Matroskeen, danflanagan8, ravi.shankar, quietone, erik.erskine: ResponsiveImageStyles source plugin must extend DrupalSqlBase Issue #3260920 by tstoeckler: Contact\'s MessageEntityTest wrongly uses \'edit\' access operation on entities instead of \'update\' Issue #3278394 by Wim Leers, bnjmnm: HTMLRestrictions\' diff operation bug: diff(, ) should return an empty result Issue #2580263 by Berdir, nils.destoop, catch, Cottser, larowlan: Find a way to not run contextual_preprocess() on every template Issue #3280614 by Spokje: (Not so) Random test failures QuickEditFileTest Issue #3272336 by danflanagan8: File tests should not rely on Classy Issue #3279502 by webflo: Fix invalid AATTproperty annotations Issue #3218562 by bradjones1, yogeshmpawar, Lendude, catch: Fix typo in/rename SearchSimplifyTest Issue #3272543 by danflanagan8, larowlan: History tests should not rely on Classy Issue #3279103 by bradjones1: Test cleanup: Remove dead code from JsonApiFunctionalTest Issue #3278314 by acbramley: InlineBlockUsageInterface::getUsage can return FALSE but isn\'t documented Issue #3270081 by franck_lorancy, quietone, Cottser: Fix indentation in doc block \\Drupal\\Core\\Render\\RendererInterface::render Issue #2314443 by olli, Lendude, immaculatexavier, dawehner: Changing view name does not update page title in views ui Issue #2917239 by Lendude, dww, iStryker: Form is built when not using fields Issue #3276218 by lauriii: Follow-up to #3268318: Enable link manual decorator unrestricted test case Issue #2636086 by Matroskeen, Spokje, jian he, ravi.shankar, quietone, larowlan, Lendude, dawehner, Sweetchuck: Add extra test coverage for operators of views date filters Issue #3252100 by amateescu, catch, Tim Bozeman: Set revision_default when publishing Issue #3269657 by hooroomoo, Wim Leers: [drupalMedia] The CKEditor 4 → 5 upgrade path for the media_embed filter should not forcefully allow the data-view-mode attribute on
      * Wed Jan 05 2022 Joop Boonen - Update to 9.3.2 Issue #3247619 by Lendude, danflanagan8, FiNeX, beatrizrodrigues: \"Place a colon after the label\" not working on grouping field label on views Issue #2879293 by digitaldonkey, tobiasb, Mac_Weber, paulocs, Meenakshi_j, stefan.korn, ranjith_kumar_k_u, longwave, alexpott: Make Link URI required if there is Link Text input Issue #3014629 by quietone, Wim Leers, xurizaemon: Document that Configuration migrations can depend on Content migrations Issue #3207907 by quietone, Berdir, alexpott: Ensure functional tests use the test mail collector Issue #3190261 by danflanagan8, doostinharrell, phenaproxima, larowlan, paulocs: MediaLibraryWidget can trigger an AJAX error if all media types can be referenced Issue #3256591 by yassermussa, Chi: Fix Element/Table documentation Issue #2916142 by beatrizrodrigues, Chi, yogeshmpawar, tobiberlin, quietone, borisson_: Decimal and Float item generates wrong sample values Issue #3213928 by RoSk0: LoggerChannelInterface documentation Issue #3256581 by cburschka: PHPdoc in update.authorize.inc Issue #2853183 by quietone, darvanen, slootjes, Munavijayalakshmi, himanshu-dixit, shubham.prakash, gaurav.kapoor, prash_98, alexpott, JohnAlbin: Correct references from Symfony Framework Issue #3175287 by murilohp, quietone, SivaprasadC, ankithashetty, anmolgoyal74, sarvjeetsingh, xjm, longwave: Remove accidentally duplicated words in code comments Issue #3174570 by quietone, anmolgoyal74, skudderk: Fix documentation comment in MainContentViewSubscriber Issue #3249859 by apaderno: The documentation page for NestedArray::unsetValue() shows example code that uses NestedArray::unset_nested_value() Issue #3251835 by beatrizrodrigues, joachim, mikelutz, quietone: Fix incorrect AATTreturn docs and description for Row::getSource() Issue #3131348 by Spokje, jungle, mondrake, vsujeetkumar, sja112, kishor_kolekar, Hardik_Patel_12, mrinalini9, yogeshmpawar, daffie: Replace assertions involving calls to empty() with assertEmpty()/assertNotEmpty()/assertArrayNotHasKey() Issue #3255504 by anagomes, Chi, cilefen: Remove jQuery dependency from date.js Issue #3136388 by dww, jyotimishra-developer, nitesh624: Fix phpdocs in core/lib/Drupal/Core/Database/Install/Tasks.php Issue #2675006 by danflanagan8, robpowell, quietone, alexpott: Write UnitTest for MigrationConfigurationTrait and fix Exception Handling Issue #3212470 by JeroenT, Gauravmahlawat: Placeholder CSS selector in off-canvas.reset.css is wrong Issue #2675006 by danflanagan8, robpowell, quietone: Write UnitTest for MigrationConfigurationTrait and fix Exception Handling Issue #3092430 by quietone, shrutidkadam, RdeBoer, bgprior, danflanagan8: Ensure SearchPlugin has a configuration array Issue #3205909 by kunal.sachdev, tedbow, phenaproxima: Ensure only needed permissions are used for Update module functional tests Issue #2793169 by Matroskeen, Manuel Garcia, anmolgoyal74, Pooja Ganjage, Abhijith S, Lendude, dww, quietone: hook_views_post_render provides inaccurate information Issue #3247039 by joachim, quietone: MigrateDestinationInterface::import() should document that it can throw a MigrateException Issue #3255836 by alexpott, clayfreeman, dww, benjifisher, Spokje: Test fails due to Composer 2.2 Issue #3247269 by Sakthivel M, mherchel: Olivero: Alignment of primary menu hover states and dropdowns is incorrect at wide widths Issue #3064890 by danflanagan8, mpp, mottihoresh, scott_euser, peonboyos, Kristen Pol, joshmiller: Notice: Undefined index: name in Drupal ield_uiement\\FieldUiTable::reduceOrder() (line 228 of /var/www/html/docroot/core/modules/field_ui/src/Element/FieldUiTable.php) Issue #3245383 by Beakerboy, daffie: If the database driver is provided by a module, it\'s name must be included in tests which check for enabled modules Issue #3251125 by Beakerboy, daffie, mondrake: Do not uninstall the database driver module within installer tests Issue #3248309 by danflanagan8: AssertBreadcrumbTrait should not rely on Classy Issue #3080819 by beatrizrodrigues, ankithashetty, lucienchalom, quietone, Vivek Panicker, catch: Missing documentation for \"core_version_requirements\" key in InfoParserInterface file Issue #3254403 by paulmckibben, ranjith_kumar_k_u, longwave, Lendude, cilefen: system_post_update_sort_all_config can exhaust PHP memory in 9.3.0 Issue #3253889 by BR0kEN, murilohp, longwave: `?check_logged_in=1` causes `TrustedRedirectResponse` to fail Issue #3246156 by realityloop, rachel_norfolk: Add Brian Gilbert (realityloop) as a full mentoring coordinator Issue #3246158 by rachel_norfolk, volkswagenchick: Add AmyJune Hineline (volkswagenchick) as a full mentoring coordinator Issue #3246157 by ChrisDarke, rachel_norfolk: Add Chris Darke (ChrisDarke) as a full mentoring coordinator Issue #3253568 by Spokje, paul121, rviner, longwave, alexpott, quietone: Error: Cannot use object of type Drupal\\Core\\Render\\Markup as array in Drupal\\Core\\Render\\Renderer->doRender() (line 218. When checkbox \'Use field template\' is checked Issue #3239287 by alexpott, longwave: Fix \\Drupal\\Coretension\\ModuleDependencyMessageTrait to not cause deprecations in PHP 8.1 Issue #3253683 by andypost, Spokje, Gábor Hojtsy: Improve compatibility with composer 2.2 Issue #3250648 by Beakerboy, daffie: Avoid comparing fields with different collations in SelectSubqueryTest Issue #3252067 by tedbow, Spokje: Remove duplicate loading of update reports after refreshUpdateStatus Issue #3253824 by juli sh, Matroskeen: Minor typo in d7_field_formatter_settings.yml comment
      * Mon Dec 27 2021 Joop Boonen - Upgrade to drupal 9.3.0 as 8 isn\'t supported any more
      * Wed Nov 24 2021 ecsos - Update to 8.9.20 Maintenance and security release of the Drupal 9 series. This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcement: Drupal core - Critical - Third-party library - SA-CORE-2021-011 For more information, see CKEditor\'s security advisories: - CVE-2021-41165: HTML comments vulnerability allowing to execute JavaScript code - CVE-2021-41164: Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML
      * Mon Sep 20 2021 ecsos - Update to 8.9.19 Maintenance and security release of the Drupal 8 series. This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-006 Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-007 Drupal core - Moderately critical - Access Bypass - SA-CORE-2021-008 Drupal core - Moderately critical - Access Bypass - SA-CORE-2021-009 Drupal core - Moderately critical - Access Bypass - SA-CORE-2021-010- Changes from 8.9.18 Maintenance and security release of the Drupal 8 series. This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal core - Critical - Third-party library - SA-CORE-2021-005
      * Fri Jul 23 2021 ecsos - Update to 8.9.17 Maintenance and security release of the Drupal 8 series. This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal core - Critical - Third-party library - SA-CORE-2021-004
      * Thu May 27 2021 ecsos - Update to 8.9.16 Maintenance and security release of the Drupal 8 series. This release fixes a security vulnerability. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2021-003- Changes from 8.9.15 This is a patch (bugfix) release of Drupal 8 and is ready for use on production sites. Learn more about Drupal 8. [#3209456] by kpa, piggito, mherchel: Update Underscore.js to the latest version (1.13.1) [#3211810] by alexpott, xjm, Spokje, Amber Himes Matz, Kristen Pol, lauriii: [security] Update Nightwatch and locked dev dependencies to address security issues [#3212177] by alexpott, lauriii: Update caniuse-lite as it is outdated [#3211805] by xjm, Kristen Pol, longwave: Update composer/composer dev dependency in metapackages to 2.0.13 Revert \"Issue #3211164 by alexpott: Random errors in Javascript Testing\" [#3211164] by alexpott: Random errors in Javascript Testing [#3128389] by clayfreeman, jungle, cliddell, john.oltman, acbramley, larowlan: [backport] LocaleTranslation is not serializable [#2571475] by mglaman, tstoeckler, tedbow, eiriksm, Jaesin, phenaproxima, alexpott: Outbound HTTP requests fail with KernelTestBase Back to dev. Merged 8.9.14. [#2958588] by cainaru, lauriii, DamienMcKenna, clayfreeman, longwave, galactus86, bkosborne, pawandubey, doublealpha, Blackstallion, alexpott, tim.plunkett, kpaxman, justcaldwell, mark_fullmer: Off-canvas style resets are overriding styles (especially SVGs) resulting in display issues [#3120301] by alexpott, zestagio, Wim Leers: RoutePreloader: prevent preloading of routes generated by JSON:API [#3207086] by benjifisher, larowlan, mondrake, Spokje: [HEAD BROKEN] Consistent failure in MonthDatePluginTest [#3202440] by jonathanshaw, ravi.shankar, catch, longwave: [backport] EntityQuery accessCheck: field ui cardinality validation should not be access sensitive [#3206540] by yechaozheng, longwave: Set access check to FALSE for entityQuery of user in user_is_blocked function [#3183301] by mcdruid, longwave, markwittens, nathandentzau, marcaddeo, janusman, -nrzr-, David_Rothstein, Heine, vijaycs85, xjm, tim.plunkett, pandaski, Wim Leers, larowlan: Add tests for SA-CORE-2020-009 [#3201393] by Lendude, dww, imalabya, dawehner, anmolgoyal74, Abhijith S: Filter glossary view by status [#3169212] by int_ua, Matroskeen, anmolgoyal74, Krzysztof Domański, alexpott, biblos, init90, xjm: Improve transliteration of Ukrainian letters [#3184650] by geek-merlin, quietone, benjifisher, alexpott: ContentEntity migration source adds revision ID as source key, incompatible with Drupal 8.8 and earlier [#3201470] by jonathanshaw, catch, longwave: EntityQuery accessCheck: Cron functions should never check access [#3192260] by danflanagan8, longwave, jhodgdon, dww: [random test failure] Random fail in media_library CKEditorIntegrationTest [#3199205] by xjm, mcdruid: Update Archive_Tar to 1.4.13 [#2857444] by nedjo, alexpott, jofitz, gaurav.kapoor, Wim Leers: Editor module fails to track usage of files embedded in non-core fields [#2969107] by raman.b, alexpott, matiasmiranda, L-four, kkalashnikov, catch, daffie, Lendude, xjm: 500 error on passing invalid month to MonthDate view argument handler Revert \"Issue #2969107 by raman.b, matiasmiranda, kkalashnikov, L-four, daffie, Lendude: 500 error on passing invalid month to MonthDate view argument handler\" [#2969107] by raman.b, matiasmiranda, kkalashnikov, L-four, daffie, Lendude: 500 error on passing invalid month to MonthDate view argument handler [#3192231] by larowlan, xjm, catch, Mixologic, kim.pepper: UnroutedUrlTest is failing on dev versions of PHP [#3054510] by greggles, Spokje, bas123, fchandler, effulgentsia, Wim Leers, mr.baileys, patchman-jelmerverkleij: Make a minor docs improvement to NormalizerBase.php in order for Patchman to see it as a newer version than it was prior to SA-CORE-2019-003 Merge 8.9.13, resolve merge conflicts, and update lockfile and dev versions.
      * Fri Apr 23 2021 ecsos - Update to 8.9.14 Maintenance and security release of the Drupal 8 series. This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal core - Critical - Cross-site scripting - SA-CORE-2021-002
      * Thu Jan 21 2021 Joop Boonen - Update to 8.9.13 - Drupal core - Critical - Third-party library - SA-CORE-2021-001
      * Sat Jan 16 2021 Arjen de Korte - BuildRequires php-cli
      * Thu Jan 07 2021 Joop Boonen - Update to 8.9.12 - All changes since Drupal 8.9.11 Issue #3189547 by lauriii, bnjmnm: Custom Commands indent: command not found on patches with nightwatch changes Issue #3181644 by alexpott, andypost, longwave, chr.fritsch: PCRE library version 10.35 with pcre.jit=1 makes \\Drupal\\Core\\StringTranslation\\Translator\\FileTranslation::getTranslationFilesPattern() regex misbehave Issue #3145076 by johnwebdev, alexpott, Sam152: [backport] MapItem base fields cannot be uninstalled Issue #3178845 by alexpott, Spokje, xjm, lauriii, Mixologic: [backport] Run same checks as committers do on DrupalCI Issue #3189101 by paulocs, ranjith_kumar_k_u: Update documented links from form.api.php Issue #3133386 by jyotimishra123, fgm: Incorrect error text in EntityViewBuilder constructor Issue #3188816 by mariodan, jhodgdon: Main page for api.drupal.org links in Further Information are broken Issue #3036494 by Berdir, alexpott, rgpublic, cilefen, kerasai, regilero: Race condition in ImageStyle::createDerivative() Issue #3162603 by paulocs, daffie, mxr576, vadim.jin, sandeep_jangra, naresh_bavaskar, longwave, amateescu, drunken monkey, larowlan: EntityStorageBase::loadByProperties() is broken on PostgreSQL when using two or more case insensitive properties Issue #2644468 by mondrake, DuaelFr, sanket_markan, swentel, alexpott, Lukas von Blarer, segovia94, Suresh Prabhu Parkala, shobhit_juyal, larowlan, rensingh99, Abhijith S, Haza, fietserwin, Berdir, catch, andypost: Multiple image upload breaks image dimensions Revert \"Issue #3181272 by jungle, longwave, Balu Ertl, larowlan: Fix typo in FileStorage error message\" Issue #3178066 by pameeela, TylerMarshall: Missing word in the documentation for ThirdPartySettingsInterface Issue #2916376 by rlmumford, Sweetchuck, tim.plunkett: The AATTContextDefinition annotation always kills the label and the description Issue #3181272 by jungle, longwave, Balu Ertl, larowlan: Fix typo in FileStorage error message Issue #3181870 by Matroskeen, longwave: Correct typo \"the the\" in \"core/classList\" deprecation message\" Issue #3180167 by valthebald: Remove valthebald from the Core mentoring coordinators
  
ICM